Glossary - Cybersecurity

802.1X A standard that provides authentication to devices attached to a LAN port, establishing a point-to-point connection or preventing access from that port if authentication fails. 802.1X is often referred to as Port Based Network Access Control and prevents what is called “port hijacking” - when an unauthorized computer obtains access to a network by gaining access to a network jack.

Anti-virus softwareA program that protects a computer from viruses found on the Internet. Attachment – A file that can be attached and sent with an email or other message. Malicious programs are commonly spread this way.

BackdoorAn overlooked or hidden entry into a computer system. A hacker can use a backdoor to bypass a password and gain access to a computer.

Brute-force login attackMultiple logins are attempted until the hacker gains access to the network.

BYOD(Bring Your Own Device)Policy of permitting employees to use their own mobile devices to access company information.

Common Vulnerabilities and Exposures (CVE) A widely known glossary of common information security vulnerabilities. CVE’s common identifiers make it easier to share data across separate network security databases and tools, and provide a baseline for evaluating the coverage of an organization’s security tools.

Denial of Service (DoS) attackAn attack on a network that is designed to crash the network by flooding it with useless traffic.

DNS (Domain Name Service)A standard that provides a way to translate IP addresses into names. All devices on the network should have a valid FQDN (Fully Qualified Domain Name). This will require some sort of device registration so that the network operator can add your IP addresses to the DNS.

FirewallA security tool that can protect a computer or network from unauthorized attempts to access the system.

HackerSomeone who intentionally breaches into a computer system to cause some sort of damage.

HTTP (HyperText Transfer Protocol)An application protocol for distributed and collaborative information systems. HTTP is the foundation of data communication for the World Wide Web.

HTTP Digest (access) authenticationOne of the agreed-upon methods a web server can use to confirm credentials and a user’s identity, such as username or password.

HTTPS (HyperText Transfer Protocol Secure)The most common data encryption protocol. HTTPS is identical to HTTP, but with one key difference: the data transferred is encrypted using Secure Sockets Layer (SSL) or Transport Layer Security (TLS).

IETF (Internet Engineering Task Force)A group which produces technical documents that influence the way the internet is used.

Intrusion Detection System (IDS)A device or software application that monitors network or system activities for malicious activities or policy violations and produces reports to a management station.

IoT (Internet of Things) A network of physical objects with the ability to transfer data requiring human-to-human or human-to-computer interaction.

IP filteringA process that prevents all but one or a few IP addresses from accessing the network video products. It is similar to a built-in firewall.

Least privileged accountThe practice of limiting access to the minimal level, while still staying functional. When applied to employees, least privilege translates to giving people the lowest level of user rights and still be able to do their jobs.

Network segmentationFor enterprise systems, it is advised to install a surveillance system on a separate network segment than the business network.

NTP (Network Time Protocol)This IETF standard is used to provide a common accurate time source for all network-attached devices.

Password policyA set of rules designed to enhance security protection.

PhishingA message (email, instant message or via a social site) meant to lure someone to respond in hopes of gathering personal information.

RADIUS (Remote Authentication Dial-In User Service)A networking protocol which forwards an authentication query to an authentication server. If successful, the server instructs the authenticator to authorize access to the network.

SyslogA standards-based mechanism to provide system log messages for operational and troubleshooting use.Technically, digest authentication is an application of MD5 cryptographic hashing with usage of nonce values to prevent replay attacks. It uses the HTTP protocol.

Trojan horseA malicious program entering into a computer system through a legitimate program designed to cause damage.

Username and password authenticationThe most basic method of protecting data on an IP network is to use username and password authentication. Data is protected from access until a user submits the correct username and password.

Video Management System (VMS) A software paired with a video surveillance system.

Virus A program that attaches itself to a file or application. The damage can range from annoying to extremely destructive.

VLAN (Virtual Local Area Network)A technology for virtually segmenting networks, supported at the switch level. It can be achieved by dividing network users in to logical groups. Only users in a specific group are capable of exchanging data or accessing certain resources on the network.

VPN (Virtual Private Network)A security method using an encryption protocol to provide a secure tunnel, from one network to another, through which data can be securely transferred. This allows for secure communications across a public network, such as the Internet.

WormA destructive program that is designed to reproduce itself and spread through your computer and network.